US-China cyber security wrangle lies ahead

 

The US says Chinese cyber hacking is hitting business competitiveness

Related Stories

Sitting down at their summit in California this week President Xi Jinping and President Barack Obama will find one new issue near the top of their agenda: the theft by Chinese hackers of US commercial and trade secrets.

Cyber security, as it's often called, will be, I've been told, number two on the list of concerns the US raises with China's new leader. That puts it second only to American worries about North Korea, where the White House is concerned about Pyongyang's nuclear programme and recent threats to launch attacks on US forces and allies, and a more urgent issue than Syria or Iran.

Even three or four years ago, cyber spying did not figure nearly so prominently. What has prompted its dramatic rise is the perception in the US that the theft of information by Chinese hackers from US companies is now rampant.

'Worrisome' scale

Kenneth Lieberthal, a former director for Asia on President Bill Clinton's National Security Council and now at the Brookings Institution, said "we have a good idea of what they are stealing and the quantity is enormous."

Speaking in Beijing, Mr Lieberthal told me "the loss of that scale of proprietary information has got to be very worrisome".

Kenneth Lieberthal, former Asia director, US National Security Council Mr Lieberthal said the quantity of cyber theft from hackers "is enormous"

"It affects American competitiveness, it affects the willingness of our companies to invest in innovation if the results are going to be appropriated illegally elsewhere. It affects American jobs so it is a very serious set of issues. And it is one that will get a lot of attention at this summit."

The issue is complicated by the fact the world's number one and two economies are today so intertwined. American companies want to sell to China and want access to its market. Chinese firms want to invest in America.

A rising China is hungry for advanced technologies. But the US is warning that stealing them will not serve China's long-term interests or help it develop its own innovation culture.

The interdependence was there to see at the US-China CEO Dialogue in Beijing this week. Several dozen top US and Chinese business leaders, current and former cabinet-level officials, diplomats and others were discussing trade and investment opportunities. Among the American firms represented were oil majors like Exxon Mobil and technology giants like Microsoft and Western Digital Corporation.

But behind the smiles for the group photographs, America's most powerful business figures are urging their government to act.

Start Quote

Xu Guangyu, retired PLA general

Getting information, especially military information from other countries didn't just begin with the internet - spying has been around for hundreds of years”

End Quote Xu Guangyu Former PLA general

A report last month by the independent Commission on the Theft of American Intellectual Property put losses to the US from IP theft at as much as $300bn (£192bn) a year. It said 50-80% of the thefts were thought to be by China.

Ryan Lance, chairman and CEO of the oil giant ConocoPhillips, told me concerns about cyber attacks would be a major talking point at the CEO dialogue.

"We get intrusions into our systems daily," he said. "They come from all over the world, so it's not just an issue in particular with China. But certainly, as a company, we have to protect our data, protect our intellectual property, and we spend a lot of time and effort doing that."

When pressed whether ConocoPhillips' computers were being targeted from China, he said unequivocally, "We believe so. Yes."

Business targets

The Pentagon recently accused Chinese hackers of stealing defence technology from US contractors. Among the information taken is believed to be designs for America's latest stealth fighter the F-35, for helicopters and combat ships, Patriot missiles, and the US' most advanced missile defence systems.

Those thefts may have been damaging and embarrassing for America, but, privately, officials say both sides agree nations will always attempt to steal military and political secrets from each other. The US does the same to China.

Xu Guangyu, a former PLA general, says "What's the fuss? Getting information, especially military information from other countries didn't just begin with the internet. Spying has been around for hundreds of years. It's normal."

But what is concerning America is the fact that the Chinese state appears to be behind a concerted campaign targeting sensitive or technical information held by US private businesses.

Many companies are reticent about revealing what information they have lost. But it's known that among the targets in the US have been companies like Coca Cola, media firms like The New York Times and the source codes that are at the heart of Google's systems.

Google said it traced the hacking of its computers over three years ago to a technology college in Shandong province. The college denied it had anything to do with the attacks.

Interior of Nexusguard office in Beijing Nexusguard helps protect companies from online assaults

But Kenneth Lieberthal says the US is making cyber theft a public issue, as it believes there is clear evidence China's military is involved.

"There are a couple of major groups in China that account for a substantial amount of the damage," he says.

"They are very well organised. They are at it every day, they are quite skilled, especially at intrusion. But they aren't as skilled at covering up their tracks and we have a very good idea who they are."

Growing industry

So China's Mr Xi is likely to be told by Mr Obama at their summit that a Chinese People's Liberation Army unit in Shanghai has been linked to the attacks. The US technology firm Mandiant has detailed how the PLA unit appears to be behind assaults on private US firms.

And Kenneth Lieberthal says the US president will say that China must rein in the cyber thieves.

Politically the issue is becoming highly-charged in America. That's why it is now so high up the agenda, and if China doesn't act, then the thefts from private companies risk damaging US-Chinese relations.

"This has all the characteristics that poison a relationship," said Mr Lieberthal.

"From the American citizen's point of view, this is Communist China coming over and stealing our secrets and using them against us. It is the worst possible image of the country and unfortunately Chinese behaviour is feeding that image."

China often says the sources of the hacking are unclear or can't be determined, and it too is a victim of US attacks.

Ryan Lance, chairman and CEO of ConocoPhillips Mr Lance, chairman of ConocoPhillips, talks of "daily intrusions" into their systems

But a quick search online is enough to see China has a growing industry around cyber attacks. You can find people offering lessons in hacking, hacking software for sale, even Chinese hackers for hire. They offer to steal information for you, or for $30 an hour, take any website you want offline.

China is churning out ranks of cheap, skilled computer programmers. Some though aren't launching attacks, instead they are working to stop them.

From offices in Beijing, a group of programmers are developing codes to protect systems from DDOS attacks. The firm, Nexusguard, helps protect companies in Asia, America and Europe from online assaults.

William Guo, Nexusguard's technical manager, believes Chinese hackers can earn huge sums.

"These kind of attacks are very common," he said. "They are very easy to launch and hard to mitigate against. From the attacks I saw, mostly it's for money."

He said hackers either get paid to attack someone else's systems or try to blackmail companies, and he's heard claims one group of hackers earned more than $10m before they were caught.

What Mr Obama may not say to Xi Jinping is exactly what the US may do if China does not help curb the thefts. But pressure is rising for the US to respond, as cyber crime is now harming US companies and jobs, damaging American competitiveness and innovation.

As Mr Lieberthal warns: "If we start seeing a lot of products showing up that clearly embody stolen technologies from the US, I think you are going to see measures eventually taken that impose tariffs, that bar those goods from the US, in other words try to change the economic calculus if reasoning with China's government does not produce sufficient results."

 
Damian Grammaticas Article written by Damian Grammaticas Damian Grammaticas China correspondent

Uncovering China's illegal ivory trade

Demand for ivory in China has pushed levels of poaching to new highs. The BBC's Damian Grammaticas investigates China's illegal ivory traders.

Read full article

More on This Story

Related Stories

Comments

This entry is now closed for comments

Jump to comments pagination
 
  • rate this
    0

    Comment number 22.

    Barrack Obama and Xi Jinping are really 2 of a kind.
    Will they talk about cyber spying and human rights?
    Not a chance.
    http://wp.me/p28mLX-wo

  • rate this
    0

    Comment number 21.

    Xi should ask Obama of the US to let my people go and move to the US by the millions, if the US really cares about human rights.

    That will shut the messiah's mouth for the rest of his term and stop the theft of information by Chinese hackers in China.

  • rate this
    0

    Comment number 20.

    When Chinese earn enough money they often choose to live elsewhere even if the source of wealth stays back in China. A lot of times they move to America. Those who are not wealthy pay snakeheads to get them out. Do workers still try to jump off the roofs at Foxtronics? 80 hour work weeks, no breaks to even go to the bathroom, these working conditions would be illegal in the US and Europe. China has too many problems to list in one comment on this blog. They will catch up with China and it will go into decline. Always happens that way somehow to those who try to challenge America.

  • rate this
    0

    Comment number 19.

    10"Re "The US can bankrupt China any time"
    How is that so when the US actually owes China so much money?"

    Insofar as American debt to China is concerned the US can print as much money as it wants to, has to to pay its debts. China's purchase of US Treasury securities will be paid back as they come due, some up to 30 years long.

    If the US were to place a trade embargo on China today it would be bankrupt in a matter of days. China as we know it cannot exist without a constant export of US technology to its factories and import of its manufactured goods. As it is, much may move out anyway.

  • rate this
    0

    Comment number 18.

    Let's not have any illusions about the nature of China's government. Tiananmen Square demonstrated it is an utterly ruthless tyranny that lets nothing stand in the way of the Communist party maintaining absolute power even at the cost of shooting its own people dead in the streets.Absolutely barbaric.Meanwhile some Americans fret over the US government knowing who is calling terrorists in Somalia.Time for the US government to stand up for its own people by dealing with threats to our security forcefully with real consequences. Will the US cyber attack China? I'll bet it could if it wants to.

  • rate this
    0

    Comment number 17.

    Oh the irony! Just yesterday the Guardian revealed a presidential directive outlining the US's plans for cyber-warfare and that the US is stepping up it's offensive capabilities. The only reason the US isn't hacking Chinese firms is that there isn't an economic need. If the roles were reversed and it was American hackers stealing Chinese intellectual property then the US would call it "entrepreneurship" and "patriotic".

  • rate this
    +1

    Comment number 16.

    12.
    Ryan - If this was an "unbiased article" then why is there no mention of Stuxnet, a US virus that endangered the lives of millions by sabotaging nuclear plants? Or of Verizon simply handing over all their records of customers by NSA request? Or of all major US tech companies willingly giving access to their data servers to the NSA (no hacks, no backdoors) by signing up to the PRISM program - then telling the public "no, it's all OK, your data is safe"??? Any non-American - (especially) Chinese included - that uses a US tech company or their products and services is monitored.

  • rate this
    +1

    Comment number 15.

    I think Xi should raise up the ever so small issue of PRISM in their cyber securitty meetings. ALLEGED Chinese hacking attempts and Chinese corporations (Huaiwei) that are ALLEGEDLY part of the goverment are nothing compared to the fact that all major tech companies that hold everyone's data - all American - are willingly handing over data to the US spooks

  • rate this
    +3

    Comment number 14.

    Go China! You hack those American hypocrites.

    I wonder if the Americans realise how foolish they look whining about other countries' espionage considering their own history and, especially, considering recent revelations regarding their extraordinary surveillance program.

    It's almost as amusing as the time they asked the Iranians to return their downed drone.

  • rate this
    -1

    Comment number 13.

    US tries to tell me US can't protect the top secret,do you believe it ? Giving that US is the leader in Hi-Tech

  • rate this
    -2

    Comment number 12.

    Hats off to the BBC as usual for its attempt at unbiased reporting. Barack Obama does not understand the Chinese psyche at all. Neither do I, but I have an informed opinion. No Chinese official (my knowledge starts at the Ming Dynasty) will respond to anything but viable military threats. I'm not saying anyone should attack China. But President Obama has no sway with them, given his past record with other foreign countries, e.g. Russia and Syria. But, for better or worse, the USA could easily bankrupt China, as long as it was prepared to deal with the ensuing global economic collapse.

  • rate this
    0

    Comment number 11.

    Quite a variety of comments. Anybody actually knows what we are talking about? IT security is a never-ending story. Nothing new, why so surprised? Because now its hitting back to where it started? Knowledge is power, today more then ever. Yankee or not, cyber-theft is global.

  • rate this
    +1

    Comment number 10.

    Re "The US can bankrupt China any time"
    How is that so when the US actually owes China so much money? Oh, that's right: it isn't.

    And re-computer security: China has in the past executed those convicted of computer crime. Yes, EXECUTED. Fact. Besides that it is quite simply hilarious that some people think the source IP coming from China means it is directly from China. Never mind proxies (old technology) or even blind attacks (like IP spoofing, old also)... there's also the fact that they could be exploited too(point 1). Whether the case all the time is not even important. It goes both ways.

  • rate this
    +1

    Comment number 9.

    sieuarlu
    You are are crazy fanatic and totally dellisional rant. America cant do anything to China. The USA can longer send its warship to the South and East China Sea. They even avoid assisting the Phillipines in Scarborough Shoal which came under Chinese administration recently. Even North Korea can scare USA who begs China to rein in on its ally.

  • rate this
    +2

    Comment number 8.

    On the same day Barack Obama backs his government surveillance of its country's internet and phone targeting the privacy of its citizens.

    http://www.bbc.co.uk/news/world-us-canada-22820711

    A case of "do as I say but not as I do".

    Hypocrit.

  • rate this
    +2

    Comment number 7.

    Just shut down skype, and FB video connection,later to shut down FB, altogether, along with all usa internet companies and anythinng to do with the yank spies, suggest people everywhere do the same, thay'll fix em. google, IE, yahoo, the lot. going to use my computer for what I did before, playing games offline, where's is my spectrum emulator and copy of 1984, a management strategy game. Goodbye MR PRESIDENT, I once supported you as a goodie, for peace and freedom and hope for a better future, but now feeling a twot. Goodbye mr Cameron, Goodbye HYS, goodbye BBC. I'm gonna get some fresh air.

  • rate this
    -2

    Comment number 6.

    The unchecked aggressiveness China is exhibiting is not only threatening America's economy but its security and that of others as well. China needs to be taken down a few pegs. It is not remotely in the same league as the US in any meaningful way. It has the same hubris pre-WWII Japan and Germany showed and the USSR and EU showed. Sooner or later there will be conflict. The US has many ways to inflict consequences for China, most not military. The US can bankrupt China any time it cares to. So far that has not been in America's interest....so far.

  • rate this
    -2

    Comment number 5.

    The US needs to punish China as a warning since nothing else works. Taking China off line from the internet, disconnecting it from the rest of the world, even from itself for several days or a week or two with a warning that the next time will be permanent would send an unmistakable message that the US means business. Anything less will be unconvincing. Does the US have the power to do this? Yes it can.

  • rate this
    +2

    Comment number 4.

    It is not only illegal hacking that endangers America's national security and technological advantages but it is what is done legally.

    American universities use legal loopholes to export huge amounts of technology to China. Their faculty visit Chinese military academies to give lectures and Chinese army officer study technology on university campuses.

    Read more at www.china-threat.com

  • rate this
    +4

    Comment number 3.

    Why is this considered war? Also given that Stuxnet is clearly a western virus, why do people assume China started it?

 

Page 1 of 2

 

Features

Copyright © 2015 BBC. The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.